| 1 |
efrain |
1 |
<?php
|
|
|
2 |
|
|
|
3 |
/**
|
|
|
4 |
* Implements special behavior for class attribute (normally NMTOKENS)
|
|
|
5 |
*/
|
|
|
6 |
class HTMLPurifier_AttrDef_HTML_Class extends HTMLPurifier_AttrDef_HTML_Nmtokens
|
|
|
7 |
{
|
|
|
8 |
/**
|
|
|
9 |
* @param string $string
|
|
|
10 |
* @param HTMLPurifier_Config $config
|
|
|
11 |
* @param HTMLPurifier_Context $context
|
|
|
12 |
* @return bool|string
|
|
|
13 |
*/
|
|
|
14 |
protected function split($string, $config, $context)
|
|
|
15 |
{
|
|
|
16 |
// really, this twiddle should be lazy loaded
|
|
|
17 |
$name = $config->getDefinition('HTML')->doctype->name;
|
|
|
18 |
if ($name == "XHTML 1.1" || $name == "XHTML 2.0") {
|
|
|
19 |
return parent::split($string, $config, $context);
|
|
|
20 |
} else {
|
|
|
21 |
return preg_split('/\s+/', $string);
|
|
|
22 |
}
|
|
|
23 |
}
|
|
|
24 |
|
|
|
25 |
/**
|
|
|
26 |
* @param array $tokens
|
|
|
27 |
* @param HTMLPurifier_Config $config
|
|
|
28 |
* @param HTMLPurifier_Context $context
|
|
|
29 |
* @return array
|
|
|
30 |
*/
|
|
|
31 |
protected function filter($tokens, $config, $context)
|
|
|
32 |
{
|
|
|
33 |
$allowed = $config->get('Attr.AllowedClasses');
|
|
|
34 |
$forbidden = $config->get('Attr.ForbiddenClasses');
|
|
|
35 |
$ret = array();
|
|
|
36 |
foreach ($tokens as $token) {
|
|
|
37 |
if (($allowed === null || isset($allowed[$token])) &&
|
|
|
38 |
!isset($forbidden[$token]) &&
|
|
|
39 |
// We need this O(n) check because of PHP's array
|
|
|
40 |
// implementation that casts -0 to 0.
|
|
|
41 |
!in_array($token, $ret, true)
|
|
|
42 |
) {
|
|
|
43 |
$ret[] = $token;
|
|
|
44 |
}
|
|
|
45 |
}
|
|
|
46 |
return $ret;
|
|
|
47 |
}
|
|
|
48 |
}
|